package com.guxingke.typecho4j.jfinal.controller;

import javax.servlet.http.HttpSession;

import com.guxingke.typecho4j.jfinal.model.User;
import com.jfinal.aop.Interceptor;
import com.jfinal.core.ActionInvocation;

/**
 * 
 * 后台权限拦截器
 * 
 * @author guxingke
 *
 */
public class AuthIntercepter implements Interceptor {

	@Override
	public void intercept(ActionInvocation ai) {
		HttpSession session = ai.getController().getSession();
		User user = (User) session.getAttribute("user");
		if (user != null && "administrator".equals(user.get("group"))) {
			ai.invoke();
		} else {
			ai.getController().redirect("/");
		}
	}

}
